[funsec] Re: Malware sharing? People are full of shit [was: Get
your computer viruses here!]
drsollyp at drsolly.com
Thu Dec 29 10:12:30 CST 2005
On Thu, 29 Dec 2005, Aviram Jenik wrote:
> On Thursday, 29 December 2005 00:06, Drsolly wrote:
> > This is the "information should be free argument". The reply to that is
> > "If you believe that, then please post your credit card and identity
> > information on a public site"
> I think this is a completely flawed argument.
> First, "information wants to be free" doesn't imply FORCING people to share
> information - just ALLOWING them to do so. I don't think Val talked about
> forcing you to share your malware - he just wants to share his.
But he's exercising a choice about who to share his information with, and
that's what I'm advocationg. He will share his credit card information
with his bank, or with people he buys things from. But he won't share it
with the people on his web site.
> Second, there's a difference between "information" and "personal information".
> Yes, if you obtained someone's credit card information you should not place
> it online. That has nothing to do with "information" it has to do with the
> right for privacy.
But I'm not talking about breaching some third party's privacy. I'm
explaining why he already exercises discretion in who he shares
> So the question becomes is it "right" or "wrong" to share a certain type of
> information (location of nuclear base plants, the government spending on
> rebuilding Iraq, exploit code that demonstrate a PoC of a vulnerability,
> malware that is found in limited circulation). Most of these cases are not
> 'clear cut' and should not be presented that way ("ethically crippled"?
> Common, Nick).
More information about the funsec